You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For deployment of a DSS there is a certain required level of access that the role must have to AWS. These are not documented anywhere. For internal developers in the HCA our access levels never indicate that we cannot perform an operation on infra (creation/modification to: s3, lambda, domains, ddb)
However that cannot be assumed for external developers that are using the repository.
There should be an indication for required operator permissions to setup the infra for the DSS to avoid problems like #1726, and #1720.
If this is setup within terraform it would be easy for an sys-admin to build out an IAM policy that would give a developer the ability to deploy/manage infra within their account.
The text was updated successfully, but these errors were encountered:
For deployment of a DSS there is a certain required level of access that the role must have to AWS. These are not documented anywhere. For internal developers in the HCA our access levels never indicate that we cannot perform an operation on infra (creation/modification to: s3, lambda, domains, ddb)
However that cannot be assumed for external developers that are using the repository.
There should be an indication for required operator permissions to setup the infra for the DSS to avoid problems like #1726, and #1720.
If this is setup within terraform it would be easy for an sys-admin to build out an IAM policy that would give a developer the ability to deploy/manage infra within their account.
The text was updated successfully, but these errors were encountered: